package com.pricl.biz.console.controller;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

import com.pricl.frame.core.R;

/**
 * <p>
 * 缺省服务入口
 * </p>
 * 
 */
@Controller("portal.index.controller")
@RequestMapping("/portal")
public class IndexController {

	@RequestMapping(method = RequestMethod.GET)
	public String default0() {
		return "redirect:index";
	}

	@RequestMapping(value = "/index", method = RequestMethod.GET)
	public String index() {
		return "/portal/index";
	}

	@RequestMapping(value = "login", method = RequestMethod.GET)
	public String login() {
		return "/portal/login";
	}

	@RequestMapping(value = "/login", method = RequestMethod.POST)
	public @ResponseBody R login(String username, String password, String code, HttpServletRequest request,
			HttpServletResponse response) {
		Subject currentUser = SecurityUtils.getSubject();
		if (!currentUser.isAuthenticated()) {
			return login(currentUser, username, password);
		} else {
			// TODO 日志处理
			currentUser.logout();
			return login(currentUser, username, password);
		}
	}

	/*
	 * @RequestMapping(value = "/login", method = RequestMethod.POST) public
	 * String login(String username, String password, String code,Model
	 * model,HttpServletRequest request, HttpServletResponse response) { Subject
	 * currentUser = SecurityUtils.getSubject(); UsernamePasswordToken token =
	 * new UsernamePasswordToken(username,password); token.setRememberMe(false);
	 * try { if(currentUser.isAuthenticated()) return "redirect:/portal/index";
	 * currentUser.login(token); } catch (UnknownAccountException e) {
	 * model.addAttribute("msg","UnknownAccountException failure"); return
	 * "redirect:login"; } catch (IncorrectCredentialsException e) {
	 * model.addAttribute("msg","IncorrectCredentialsException failure"); return
	 * "redirect:login"; } catch (LockedAccountException e) {
	 * model.addAttribute("msg","LockedAccountException failure"); return
	 * "redirect:login"; } catch (AuthenticationException e) {
	 * model.addAttribute("msg","AuthenticationException failure"); return
	 * "redirect:login"; } SavedRequest savedRequest=
	 * WebUtils.getSavedRequest(request); if(savedRequest!=null){ String url =
	 * savedRequest.getRequestUrl(); if(!"".equals(url)){ return
	 * "redirect:"+url; } } return "redirect:/portal/index"; }
	 */
	// @RequestMapping(value = "/login", method = RequestMethod.POST)
	// public @ResponseBody
	// R login(String username, String password, String code,HttpServletRequest
	// request, HttpServletResponse response) {
	// Subject currentUser = SecurityUtils.getSubject();
	// if (!currentUser.isAuthenticated()) {
	// return login(currentUser, username, password);
	// } else {
	// // 重复登录
	// // TODO 日志处理
	// currentUser.logout();
	// try {
	// WebUtils.issueRedirect(request, response, null, null, true);
	// } catch (IOException e) {
	// e.printStackTrace();
	// }
	// return login(currentUser, username, password);
	// }
	// }

	private R login(Subject currentUser, String username, String password) {
		UsernamePasswordToken token = new UsernamePasswordToken(username, password);
		// RemeberMe
		token.setRememberMe(false);
		try {
			currentUser.login(token);
		} catch (UnknownAccountException uae) {
			return R.error("UnknownAccountException failure");
		} catch (IncorrectCredentialsException ice) {
			return R.error("IncorrectCredentialsException failure");
		} catch (LockedAccountException lae) {
			return R.error("LockedAccountException failure");
		} catch (AuthenticationException ae) {
			return R.error("AuthenticationException failure");
		}
		return R.ok("success");
	}
}
